ANZ Bank warns businesses and customers of phishing scam

ANZ Bank is warning members to be wary of a new phishing scam, as the bank's trademarks have once again been exploited in an email scam.

The malicious emails are infiltrating inboxes using a display name of ‘ANZ Internet Banking’ and are titled ‘ANZ INTERNET BANKING ACCOUNT ALERT’. The sending address displayed in the 'From' field uses the domain '@alert.com'. MailGuard detected the emails actually come from a compromised email account, ANZ Banking Group says.

The message body contains a high-quality ANZ logo and advises the recipient they have a ‘pending verification waiting to validate’ and that they should log in to their account to view this message. A link is included to ‘View Your Message along with today’s date.

Unsuspecting recipients who click on the link are led directly to a legitimate-looking copy of the ANZ login page that asks for their confidential details. This is actually a phishing page.

Users who enter their details and click ‘Log on’ are led to a 'security page' once again spoofing ANZ’s branding & logo. This page asks users to 'verify' their security questions and answers.

Once all of the above fields have been completed and recipients click ‘Continue’, a message appears on screen thanking them for using ANZ Internet Banking.

This sole purpose of this elaborate phishing scam is to harvest the login credentials of ANZ customers so the criminals behind this scam can break into their bank accounts, ANZ says.

"Cbercriminals have taken great pains to replicate official landing pages from ANZ – including incorporating the bank’s branding and logo using high-quality graphical elements. All this is done in an attempt to trick the users into thinking the scam is legitimate." It says.

"It is also interesting to note that the body of the scam email includes a note explaining that due to ‘privacy & security reasons’, it is unable to include personal details like the recipient’s account name and number," ANZ says.

"The lack of these details is widely considered to be a red flag associated with scam emails. Including a reason to explain why these details have been omitted is therefore an attempt by the cybercriminals to provide a justification for this red flag and boost the credibility of the email."

ANZ says a focus on security is, ironically, a key feature of this scam email, considering the additional security reminder in the email footer that ANZ will ‘NEVER send an email which includes a link that redirects you to logon to internet banking’.

"These security reminders are commonly expected of such a well-established bank. All this serves to elicit a more confident response from recipients who think they are validating their accounts by clicking on the provided link and entering their confidential login details," it explains.

"However, despite these attempts, this email scam contains several other tell-tale signs that point to its illegitimacy. These include grammatical errors like 'banking account have a pending verification' as well as spacing errors," ANZ says.

Recipients who have received such a hoax/suspicious email claiming to be from ANZ are advised do the following:

Do NOT click on any unexpected/unusual links or open attachments.

Forward the suspicious email or SMS to hoax@cybersecurity.anz.com

Delete the message from your inbox.

ANZ also offers these tips on preventing online fraud attempts:

Check the address bar of your browser to see if ANZ’s website address has changed from http:// to https://

Check to see if a security icon that looks like a lock or a key is visible near the address bar on any page that you need to enter your security credentials.

To minimise your chances of becoming a victim of a phishing scam, ANZ advises:

Keep your antivirus and firewalls up to date and perform regular scans on your computer

"Whilst MailGuard is stopping this email scam from reaching Australian businesses, we encourage all users to be extra vigilant against this kind of email and whatever happens, do not open or click them," ANZ says.